Cisco Live announcements - We focus on Full Stack Observability

The 6th and 7th

June sees Cisco announcing a slew of new features and solutions at Cisco live. Ahead of that, a group of analysts were given a quick peek at what was coming. Given Cisco’s size and breadth of offering, way beyond its original network appliances origins, a 90-minute Webex session could do no more than scratch the surface, with coverage areas and new features being presented at such speed.

For some time, one of my most active focus areas has been on the hybrid IT infrastructure management space and its more recent incarnations around AIOps and Observability. I’ll come back to that, but I’ll give my general observations on the broader picture that was being presented.

Cisco sees hybrid multicloud as the future. That involves working closely with the hyperscale public clouds. Most importantly, it seeks to provide a simplified, unified and more secure interface for enterprise customers dealing with new hybrid work models, growing IoT interconnection requirements and demands for greater business performance assurance.

Everyone has “got” a cloud these days. Having just blogged about the confusion that exists around what defines a cloud, I promptly sat through two presentations, this one from Cisco and another one from VMWare, that sprayed the term ”cloud” around liberally. Cisco announced new features and capabilities for Cisco Networking Cloud and Cisco Security Cloud. To be clear, these are not locations, they are technology stacks, or platforms that provide a range of functions to connect and secure this new hybrid multicloud world.

At one point during the session the presenter stated that Cisco wants to “frustrate attackers, not users.” According to Cisco, with Cisco Secure Access, “if you access multiple apps and nothing else changes (same device, network, etc.) we won’t bug you to re-authenticate.” That theme of simplification and security was stressed throughout. Cisco also claimed its XDR (Extended Detection and Response) solution has the broadest native telemetry in the market. I can’t comment on that but its focus on simplifying and securing the hybrid network world is welcome.

My deeper interest was on its announcements around Full Stack Observability (FSO) and Customer Digital Experience Monitoring (CDEM). I wrote about Cisco FSO in a blog back in January of this year, so I won’t add too much here. Its commitment to Open Telemetry is important and the bi-directional integration between AppDynamics and ThousandEyes is a welcome demonstration of the integration commitments made when ThousandEyes was acquired.

For me, ThousandEyes is a game changer for Cisco. It closes that visibility gap that most enterprises have experienced in both the move to the cloud and pandemic driven growth of working from home. Its existing cross layer synthetics monitoring capability will now be joined by Real User Monitoring (RUM) to further enhance the management of the end user experience through the Cisco acquisition of Czech based Smartlook.

I like Cisco’s focus on Business Risk assurance. At Bloor we have been advocating such an approach for some years. I did cover that in the previously mentioned blog. As part of the development of its Partner Eco-System it is introducing a module on the FSO Platform – created by Evolutio – that monitors KPIs relevant to the fintech vertical like credit card authorisation. I hope we see more vertical industry specific modules introduced in the near future.

A number of other modules for the FSO platform were announced. These encompassed areas like capacity planning, hybrid cost and application resource optimisation and a module to enable vSphere observability. But the one that caught my eye was an AIOps module developed by Cisco IT. It felt a little bit of an after thought and, despite integrations with ServiceNow, Splunk and others, and claims about its AI based correlation capabilities, I remain to be convinced that it has the same level of sophistication as key AIOps vendors like BigPanda and Interlink have built up over the years. No doubt, I will get a closer look under the covers in the months to come.

This brings me to my last observations. Cisco mentioned the problem of tool sprawl a number of times. While Cisco did not claim that FSO was the one tool to rule the end-to-end monitoring and management space, it clearly thinks that is the direction of travel. We have often said that we would like to see a reduction in tool sprawl, but we do not believe there is one tool that fits all. Open Telemetry is obviously enabling Cisco to ingest a much wider range of metrics, logs and traces from hitherto difficult to integrate systems. However, I need to see more evidence of how FSO works for SREs and Platform Engineering teams in CI/CD environments. At the other end of the spectrum I think some legacy management tools for server and storage management might also be needed for a while yet. Getting rid of the tool sprawl has been an ongoing and quite difficult challenge for some time. Notwithstanding the three different packaging levels of FSO that make it easier to start small and grow, IT development and operations teams won’t give up their existing tools easily. However, there is a lot to recommend in these announcements for enterprises looking to assure business performance, that nowadays relies so heavily on a very diverse and widely distributed IT and network infrastructure.